diff options
| author | alc <alc@FreeBSD.org> | 2004-05-28 19:42:02 +0000 |
|---|---|---|
| committer | alc <alc@FreeBSD.org> | 2004-05-28 19:42:02 +0000 |
| commit | 87de22f863e37fdcd6b15f5c5843174b836b7f8d (patch) | |
| tree | cedad51ade49efdb716ab1518cbee306152c42fa | |
| parent | cb36cda063ae0a95aad46bf415b122fbb3c2e379 (diff) | |
| download | FreeBSD-src-87de22f863e37fdcd6b15f5c5843174b836b7f8d.zip FreeBSD-src-87de22f863e37fdcd6b15f5c5843174b836b7f8d.tar.gz | |
Remove a broken micro-optimization from pmap_enter(). The ill effect
of this micro-optimization occurs when we call pmap_enter() to wire an
already mapped page. Because of the micro-optimization, we fail to
mark the PTE as wired. Later, on teardown of the address space,
pmap_remove_pages() destroys the PTE before vm_fault_unwire() has
unwired the page. (pmap_remove_pages() is not supposed to destroy
wired PTEs. They are destroyed by a later call to pmap_remove().)
Thus, the page becomes lost.
Note: The page is not lost if the application called munlock(2), only
if it relies on teardown of the address space to unwire its pages.
For the historically inclined, this bug was introduced by a
megacommit, revision 1.182, roughly six years ago.
Leak observed by: green@ and dillon independently
Patch submitted by: dillon at backplane dot com
Reviewed by: tegge@
MFC after: 1 week
| -rw-r--r-- | sys/amd64/amd64/pmap.c | 8 | ||||
| -rw-r--r-- | sys/i386/i386/pmap.c | 8 |
2 files changed, 0 insertions, 16 deletions
diff --git a/sys/amd64/amd64/pmap.c b/sys/amd64/amd64/pmap.c index 9564472..fe64ae4 100644 --- a/sys/amd64/amd64/pmap.c +++ b/sys/amd64/amd64/pmap.c @@ -1892,14 +1892,6 @@ pmap_enter(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_prot_t prot, if (mpte) mpte->hold_count--; - if ((prot & VM_PROT_WRITE) && (origpte & PG_V)) { - if ((origpte & PG_RW) == 0) { - pte_store(pte, origpte | PG_RW); - pmap_invalidate_page(pmap, va); - } - return; - } - /* * We might be turning off write access to the page, * so we go ahead and sense modify status. diff --git a/sys/i386/i386/pmap.c b/sys/i386/i386/pmap.c index e3fe15a..375cfad 100644 --- a/sys/i386/i386/pmap.c +++ b/sys/i386/i386/pmap.c @@ -1961,14 +1961,6 @@ pmap_enter(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_prot_t prot, if (mpte) mpte->hold_count--; - if ((prot & VM_PROT_WRITE) && (origpte & PG_V)) { - if ((origpte & PG_RW) == 0) { - pte_store(pte, origpte | PG_RW); - pmap_invalidate_page(pmap, va); - } - return; - } - /* * We might be turning off write access to the page, * so we go ahead and sense modify status. |
